public async Task <ActionResult <AuthUserDto> > Register(RegisterDto registerDto)
{
ActionResult <AuthUserDto> res;
if (await UserExists(registerDto.Username))
{
res = BadRequest("Username is taken");
}
else
{
using var hmac = new HMACSHA512();
var user = new AppUser
{
UserName = registerDto.Username.ToLower(),
PasswordHash = hmac.ComputeHash(Encoding.UTF8.GetBytes(registerDto.Password)),
PasswordSalt = hmac.Key,
Likes = 0,
};
_context.Users.Add(user);
await _context.SaveChangesAsync();
res = new AuthUserDto
{
Username = user.UserName,
Token = _tokenService.CreateToken(user)
};
}
return(res);
}
public IActionResult Authenticate([FromBody] AuthUserDto userDto)
{
var user = _userService.Authenticate(userDto.Username, userDto.Password);
if (user == null)
{
return(BadRequest("Username or password is incorrect"));
}
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_appSettings.Secret);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[] {
new Claim(ClaimTypes.Name, user.id.ToString())
}),
Expires = DateTime.UtcNow.AddDays(7),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
var tokenString = tokenHandler.WriteToken(token);
return(Ok(new
{
Id = user.id,
Username = user.username,
Token = tokenString
}));
}
public async Task <ActionResult <AuthUserDto> > Login(LoginDto loginDto)
{
ActionResult <AuthUserDto> res;
var user = await _context.Users
.SingleOrDefaultAsync(x => x.UserName == loginDto.Username);
if (user == null)
{
res = Unauthorized("Invalid username");
}
else
{
using var hmac = new HMACSHA512(user.PasswordSalt);
var computedHash = hmac.ComputeHash(Encoding.UTF8.GetBytes(loginDto.Password));
for (int i = 0; i < computedHash.Length; i++)
{
if (computedHash[i] != user.PasswordHash[i])
{
return(Unauthorized("Invalid password"));
}
}
res = new AuthUserDto
{
Username = user.UserName,
Token = _tokenService.CreateToken(user)
};
}
return(res);
}
public async Task <AuthUserDto> Authenticate(string username, string password)
{
var user = await _userService.GetByExpression(x => x.Username.ToLower() == username.ToLower());
if (user.IsEmpty())
{
return(null);
}
var isValidCredential = Hash.Validate(password, user.Salt, user.Password);
if (!isValidCredential)
{
return(null);
}
var authUser = new AuthUserDto
{
UserId = user.ID,
Email = user.Email,
Role = new UserRole(user.RoleRef),
Username = user.Username,
FullName = user.FullName,
AvatarUrl = user.AvatarUrl,
AccessToken = GenerateAccessToken(user),
RefreshToken = GenerateRefreshToken(user),
};
await StoreUserLogin(authUser.UserId, authUser.AccessToken, authUser.RefreshToken);
return(authUser);
}
public async Task Authenticate()
{
// Arrange
_appSettings.Secret = "atleast32bitsizedsecretstring";
var authUserDto = new AuthUserDto()
{
Password = ""
};
var password = CryptographyService.HashPassword("");
_userRepository.Setup(x => x.Select(It.IsAny <Expression <Func <UserEntity, bool> > >()))
.ReturnsAsync(new List <UserEntity> {
new UserEntity {
UserName = "******", Password = password, PasswordSalt = ""
}
});
// Act
var service = new AccountService(_appSettings, _logger.Object, _refreshTokenRepository.Object,
_userRepository.Object);
var result = await service.Authenticate(authUserDto);
// Assert
Assert.NotNull(result);
}
public async Task <AuthUserDto> Authenticate(string phoneNo, string password)
{
var customer = await GetByExpression(x => x.PhoneNo == phoneNo);
if (customer.IsEmpty())
{
return(null);
}
var isValidCredential = Hash.Validate(password, customer.Auth.Salt, customer.Auth.Password);
if (!isValidCredential)
{
return(null);
}
var authUser = new AuthUserDto
{
UserId = customer.ID,
PhoneNo = customer.PhoneNo,
Email = customer.Email,
Role = null,
Username = null,
FullName = customer.FullName,
AvatarUrl = customer.AvatarUrl,
AccessToken = GenerateAccessToken(customer),
RefreshToken = GenerateRefreshToken(customer),
};
await StoreCustomerLogin(authUser.UserId, authUser.AccessToken, authUser.RefreshToken);
return(authUser);
}
public async Task AuthenticateAsync_ReturnsNull_WhenInvalidInput()
{
//ARRANGE
var dto = new AuthUserDto()
{
UserName = "******", Password = ""
};
var dto2 = new AuthUserDto()
{
UserName = "", Password = "******"
};
var dto3 = new AuthUserDto()
{
UserName = "******", Password = null
};
var dto4 = new AuthUserDto()
{
UserName = null, Password = "******"
};
//ACT
var result = await service.AuthenticateAsync(dto);
var result2 = await service.AuthenticateAsync(dto2);
var result3 = await service.AuthenticateAsync(dto3);
var result4 = await service.AuthenticateAsync(dto4);
//ASSERT
Assert.False(result.Succeeded);
Assert.False(result2.Succeeded);
Assert.False(result3.Succeeded);
Assert.False(result4.Succeeded);
}
public async Task <UserSession> AuthenticateUser(AuthUserDto dto, IPAddress remoteHost)
{
var user = DbContext.Users.SingleOrDefault(x => x.Email == dto.Email);
//The following valiations can't really be done in the service so i'm doing them here.
if (user == null)
{
throw new DataNotFoundException("Email does not match any account.");
}
if (user.PasswordHash != dto.Password)
{
throw new WrongCredentialsException("Email/Password does not match any account.");
}
UserSession session = new UserSession()
{
Token = Utilities.StringUtilities.SecureRandom(64, Utilities.StringUtilities.AllowedChars.AlphabetNumbers),
RemoteHost = remoteHost,
CreationDate = DateTime.UtcNow,
ExpiracyDate = dto.ExtendSession ? DateTime.UtcNow.Add(UserSession.ExtendedTokenValidity) : DateTime.UtcNow.Add(UserSession.DefaultTokenValidity),
UserId = user.Id
};
await ClearSessions(user.Id, remoteHost); //Clear active sessions
await DbContext.UserSessions.AddAsync(session);
await DbContext.SaveChangesAsync();
return(session);
}
public CustomerInfoService(AuthUserDto user) : base(user)
{
_customerInfoDal = new CustomerInfoDal(user);
_groupInfoDal = new GroupInfoDal(user);
_userInfoDal = new UserInfoDal(user);
_userInfoService = new UserInfoService(user);
}
public AuthUserEntity AuthUserDto2AuthUserEntity(AuthUserDto authUserDto)
{
return(new AuthUserEntity
{
UserName = authUserDto.UserName,
Password = authUserDto.Password
});
}
public LoggedInUserDto UserAuthenticate(AuthUserDto authUserDto)
{
AuthUserEntity authUserEntity = _userMapping.AuthUserDto2AuthUserEntity(authUserDto);
LoggedInUserEntity loggedInUserEntity = _userService.UserAuthenticate(authUserEntity);
LoggedInUserDto loggedInUserDto = _userMapping.LoggedInUserEntity2LoggedInUserDto(loggedInUserEntity);
return(loggedInUserDto);
}
public async Task <IActionResult> Authenticate([FromBody] AuthUserDto authBody)
{
try {
var result = await UserService.AuthenticateUser(authBody, HttpContext.Connection.RemoteIpAddress);
return(Ok(result));
} catch (Exception ex) {
Logger.LogWarning(ex, "An error occured: " + ex.Message ?? "undefined");
return(ExceptionHandlerService.Handle(ex, Request));
}
}
public async Task Authenticate_When_Null()
{
//ARRANGE
repo.Setup(x => x.AuthenticateUser(It.IsAny <AuthUserDto>(), It.IsNotNull <IPAddress>()))
.ReturnsAsync(new UserSession());
AuthUserDto dto = null;
//ACT + ASSERT
await Assert.ThrowsExceptionAsync <ArgumentNullException>(() => service.AuthenticateUser(dto, IPAddress.Loopback));
}
public async Task <AuthUserDto> GetUser(string username)
{
var authUserDto = new AuthUserDto();
var user = await idpUserManagement.GetUserByUsername(username);
return(new AuthUserDto
{
Id = user.Id,
Username = user.Username
});
}
public async Task <ApiResult> Check([FromBody] AuthUserDto authUserDto)
{
var _token = await this.accountService.CheckedAsync(authUserDto.UserName, authUserDto.UserPassword, authUserDto.LoginCode);
var _tokenType = "Bearer ";
return(this.ResultOk(new
{
token = _token,
tokenType = _tokenType
}));
}
public async Task Login()
{
// Arrange
var authUserDto = new AuthUserDto();
// Act
var controller = new AccountController(_logger.Object, _accountService.Object);
var result = await controller.Login(authUserDto);
// Assert
Assert.IsType <OkObjectResult>(result.Result);
}
public async Task <AuthUserDto> GetUserById(Guid userId)
{
var authUserDto = new AuthUserDto();
var user = await userRepository.Get().FirstOrDefaultAsync();
// return authUserDto.FromEntity(user);
return(new AuthUserDto
{
Id = user.Id,
Username = user.Username
});
}
public User AdminAuthenticate(AuthUserDto authUserDto)
{
var user = _db.Users.FirstOrDefault(x => x.Email == authUserDto.Email && x.Password == authUserDto.Password && x.Role == "Admin");
//User was not found
if (user == null)
{
return(null);
}
//User found generate JWT Token
return(GenerateToken(user));
}
public IActionResult AdminAuth([FromBody] AuthUserDto userDto)
{
var user = _uRepo.AdminAuthenticate(userDto);
if (user == null)
{
return(BadRequest(new { message = "Username or password is incorrect." }));
}
var tokenObj = _mapper.Map <TokenDto>(user);
return(Ok(tokenObj));
}
public IActionResult Put(AuthUserDto userDto)
{
FindUserDto user = this.UsersServices.IsAvailableUser(userDto.Username, userDto.Password);
if (user != null)
{
return(Ok(user));
}
else
{
return(NotFound());
}
}
public async Task AuthenticateAsync_ReturnsNull_WhenUserDoesntExist()
{
//ARRANGE
var dto = new AuthUserDto()
{
UserName = "******", Password = "******"
};
//ACT
var result = await service.AuthenticateAsync(dto);
//ASSERT
Assert.False(result.Succeeded);
}
public async Task AuthenticateAsync_ReturnsNull_WhenPasswordWrong()
{
//ARRANGE
var dto = new AuthUserDto()
{
UserName = "******", Password = "******"
};
//ACT
var result = await service.AuthenticateAsync(dto);
//ASSERT
Assert.False(result.Succeeded);
}
public async Task <AuthUserDto> LoginUser(AuthUserDto user)
{
var userVal = await _context.AuthUser.FirstOrDefaultAsync(x => x.UserName == user.UserName);
if (user == null)
{
return(null);
}
if (!VerifyPasswordHash(user.Password, userVal.PasswordHash, userVal.PasswordSalt))
{
return(null);
}
return(user);
}
public async Task <IActionResult> Post([FromForm] AuthUserDto loginUser)
{
if (loginUser == null)
{
return(BadRequest("Usuário ou Senha nulos"));
}
if (string.IsNullOrEmpty(loginUser.Email) || string.IsNullOrEmpty(loginUser.Password))
{
return(BadRequest("Usuário ou Senha nulos"));
}
var identity = await GetClaims(loginUser);
if (identity == null)
{
return(await Response(null, new List <Notification> {
new Notification("User", "Usuário ou senha inválidos")
}));
}
var jtb = new JwtTokenBuilder()
.AddSecurityKey(JwtSecurityKey.Create(_config["secretyKey"]))
.AddSubject(_user.Email)
.AddIssuer(_config["issuer"])
.AddAudience(_config["audience"])
.AddNameId(_user.Id.ToString())
.AddClaim("Nickname", _user.Nickname)
.AddClaim("medclinic", identity)
.AddExpiry(2880)
.Build();
var response = new
{
token = jtb,
expire = 2,
user = new
{
id = _user.Id,
name = _user.Nickname,
email = _user.Email
}
};
var json = JsonConvert.SerializeObject(response, _serializerSettings);
return(new OkObjectResult(json));
}
public async Task <UserSessionViewModel> AuthenticateUser(AuthUserDto dto, IPAddress remoteHost)
{
if (dto is null)
{
throw new ArgumentNullException(nameof(dto));
}
if (remoteHost.AddressFamily != System.Net.Sockets.AddressFamily.InterNetwork && remoteHost.AddressFamily != System.Net.Sockets.AddressFamily.InterNetworkV6)
{
throw new ArgumentOutOfRangeException(nameof(remoteHost), "Invalid IP Address");
}
dto.Password = Utilities.StringUtilities.ComputeHash(dto.Password, System.Security.Cryptography.HashAlgorithmName.SHA512);
var session = await UserRepository.AuthenticateUser(dto, remoteHost);
return(UserSessionViewModel.FromUserSession(session));
}
public async Task <AuthUserResponse> Authenticate(AuthUserDto authUserDto)
{
try
{
_logger.LogDebug("Beginning Authentication");
var userList = await _userRepository.Select(a => a.UserName == authUserDto.Identity || a.Email == authUserDto.Identity);
var user = userList.FirstOrDefault(a => CryptographyService.HashPassword(authUserDto.Password + a.PasswordSalt) == a.Password);
if (user == null)
{
throw new AuthenticationException("Invalid user. Check your password and/or username");
}
_logger.LogDebug("User found: {@User}", user);
var jwtToken = GenerateJwtToken(user);
_logger.LogDebug("New token generated: {@JwtToken}", jwtToken);
var refreshToken = GenerateRefreshToken(authUserDto.IpAddress);
refreshToken.UserId = user.Id;
await _refreshTokenRepository.Insert(refreshToken);
_refreshTokenRepository.Save();
_logger.LogDebug("New refresh token generated: {@RefreshToken}", refreshToken);
var authUserResponse = new AuthUserResponse()
{
Username = user.UserName,
JwtToken = jwtToken,
RefreshToken = refreshToken.Token
};
_logger.LogDebug("Authentication successful");
return(authUserResponse);
}
catch (Exception e)
{
_logger.LogError(e, "Error during authentication");
throw;
}
}
private Task <string> GetClaims(AuthUserDto loginUser)
{
var user = _service.GetByEmail(loginUser.Email);
if (user == null)
{
return(Task.FromResult <string>(null));
}
if (!user.Authenticate(loginUser.Email, loginUser.Password))
{
return(Task.FromResult <string>(null));
}
_user = user;
return(Task.FromResult(user.Permission.ToString()));
}
public async Task <IActionResult> Register([FromBody] AuthUserDto userDto)
{
// map dto to entity
var user = _mapper.Map <auth_user>(userDto);
try
{
// save
await _userService.Create(user, userDto.Password);
return(Ok());
}
catch (AppException ex)
{
// return error message if there was an exception
return(BadRequest(ex.Message));
}
}
public async Task Authenticate_When_Valid()
{
//ARRANGE
repo.Setup(x => x.AuthenticateUser(It.IsAny <AuthUserDto>(), It.IsNotNull <IPAddress>()))
.ReturnsAsync(new UserSession());
var dto = new AuthUserDto()
{
Email = "*****@*****.**",
Password = "******",
ExtendSession = false
};
//ACT
var result = service.AuthenticateUser(dto, IPAddress.Loopback);
//ASSERT
Assert.IsNotNull(result);
}
public IActionResult Update(int id, [FromBody] AuthUserDto userDto)
{
// map dto to entity and set id
var user = _mapper.Map <auth_user>(userDto);
user.id = id;
try
{
// save
_userService.Update(user, userDto.Password);
return(Ok());
}
catch (AppException ex)
{
// return error message if there was an exception
return(BadRequest(ex.Message));
}
}
